<?php
require_once "../Common/database.php";
require_once "../Common/values.php";
$password=md5($_POST[oldpassword]);
$query=mysql_query("SELECT * FROM tblUsers WHERE Name='$user'");
$row = mysql_fetch_array($query);
if($password==$row[Password] && $_POST[newpassword1]==$_POST[newpassword2])
{
$passwordnew=md5($_POST[newpassword2]);
$query="UPDATE tblUsers SET Password='$passwordnew' WHERE Name='$user'";
mysql_query($query);

echo '<h3><center>Updated Password '.$_POST[name];
echo '<p><a href="../index.php">Back</a>';
}
else
{
echo '<center>There was an error changeing your password please try again<p><a href="../index.php?p=cpasswd">Back</a>';

}


?>